Trial By Fire: Turning A DDoS Attack Into Something Positive

What is a DDoS Attack?

A distributed denial-of-service (DDoS) attack occurs when a cybercriminal forces an online service into submission by flooding the server’s request queue with fake requests from multiple “distributed” sources. Eventually, the service can no longer handle the stress of so many requests and is made inoperable as a result.

SaaS companies, like CATS, are the perfect target for these type of cyberattacks. These companies sell a web-based product that needs reliability. Any amount of downtime when the software is offline means a loss of customer satisfaction and business. Young companies are particularly susceptible and unfortunately, back in 2012, CATS was unprepared.

CATS is Attacked

CATS went down in the summer of 2012. Every customer was locked out of the system and their data. Unable to conduct any business, disaster had struck--for the customers and for CATS. That evening, CATS frantically rallied its development team to investigate, but they knew what had happened. CATS had been attacked. Earlier that day, the hacker was able to throw the system into turmoil in a matter of moments. It’s a struggle to recover after a cyberattack, but it can be overcome with smart, dedicated individuals that truly care about their customers.

Throughout the night and well into the morning, the developers worked to find the origin of the attack. To make matters worse, CATS’ data center “blackholed” its IP, meaning CATS effectively did not exist. It seemed other companies were experiencing similar service outages due to the DDoS. If the data center had blackholed the existing servers, then CATS needed to get them back online. By 8 A.M. the next morning, CATS decided to find a new home for the servers.

The next morning, the developers hauled the expensive and heavy servers from the data center to the CATS downtown offices and installed them wherever they could find space. Even though the servers were back up and running, CATS still didn’t know the source of the attack. CATS decided that they needed to address the problem headon and contacted Cloudflare, a DDoS mitigation company.

Unlike other mitigation companies that required days to implement a solution, Cloudflare could address the attack right away. Rather than having CATS servers foster the brunt of the attack, Cloudflare used its own servers to absorb the influx of traffic to weed out fake requests and send only the real ones to CATS. However, this solution required the developers to spend another night manually transferring CATS data into Cloudflare. After a day and a half, the DDoS attack was under control, the software was back up, and the employees could breathe easy.

To ensure that a similar incident wouldn’t happen again, CATS adopted Amazon EC2, a cloud based technology. By moving CATS entirely to the cloud, they could completely forgo hardware issues and traveling to a data center to fix the problem in person. What’s more, EC2 featured a DDoS mitigation services. To this day, CATS is housed in EC2, and it has no plans on switching.

A Defining Moment

CATS hasn’t forgotten the attack. If it were to face a similar incident now, downtime would be far more manageable than the disastrous 20+ hours that the system was down. CATS emerged a stronger, more resilient company, one that can turn disaster into a formative experience. But, more importantly, CATS and its employees demonstrated the great lengths they would go in order to keep customers’ livelihoods afloat. A company's dedication is always implied, but rarely proven, and the days after the DDoS attack proved that CATS Software is dedicated to its customers.